RSS
Last updated: May 13, 2026 at 5:42 AM UTC
All 208 Vulnerability 72 Breach 41 Threat 88 Defense 7
Tag: claude-opus (2 articles)Clear
threat
2026-04-29

North Korean hackers used Claude AI to add malicious npm dependencies to legitimate-looking projects and stole crypto wallet credentials from developers who installed them

North Korea's Famous Chollima group (also called Void Dokkaebi) is using Anthropic's Claude Opus to write malicious npm packages and slip them into developer environments. ReversingLabs found the group had registered a fake Florida LLC, set up a real-looking developer firm, and used Claude to add a package called @validate-sdk/v2 as a dependency to a legitimate-looking utility SDK. When developers installed the parent package, the dependency executed code that stole their cryptocurrency wallet credentials. The campaign progressed from simple JavaScript info-stealers (5KB) to full Node.js executables (85MB) bundling Claude-generated deception code.

dprkfamous-chollimavoid-dokkaebiclaude-opusai-malwarenpmpypicryptocurrencyfake-llcreversinglabs
Check
If your organization handles cryptocurrency, treat every npm or PyPI dependency as untrusted by default - particularly utility SDKs offered by unfamiliar publishers.
Affected
Cryptocurrency companies and developers, especially those whose machines hold wallet credentials, signing keys, or CI/CD access to crypto infrastructure. Web3 startups, blockchain developers, fintech engineers. The targeting is industry-specific, but the technique (AI-generated trojan dependencies inside legitimate-looking SDKs) will be copied by other groups.
Fix
Pin npm and PyPI dependencies to specific commit SHAs and require manual review for any new dependency added to a crypto-handling project. For high-risk developers, use ephemeral build environments that don't carry wallet credentials. Block ipfs-url-validator.vercel[.]app and the @validate-sdk publisher namespace. Treat any 'utility SDK' from an unfamiliar US LLC formed in the past 12 months with extra suspicion.
vulnerability
CVE-2026-41651
2026-04-22

12-year-old 'Pack2TheRoot' bug in PackageKit gives any local user root on default Ubuntu, Debian, Fedora, and RHEL/Cockpit installs (CVE-2026-41651)

Deutsche Telekom's Red Team disclosed CVE-2026-41651, a local privilege escalation in the PackageKit daemon that has shipped in default Linux installations since November 2014. Any unprivileged local user can invoke 'pkcon install' without a polkit prompt, install or remove arbitrary packages, and escalate to root. CVSS 8.8. Confirmed-vulnerable defaults include Ubuntu Desktop and Server LTS, Debian Trixie, Rocky Linux 10.1, and Fedora 43; any RHEL server running Cockpit is also exposed because Cockpit loads PackageKit on demand via D-Bus. PackageKit 1.3.5 fixes it. The researchers credited Anthropic's Claude Opus with helping guide the discovery.

pack2therootpackagekitlinuxprivilege-escalationubuntudebianfedorarhelcockpitdeutsche-telekomclaude-opus
Check
Inventory every Linux endpoint and server for PackageKit, patch to 1.3.5 today, and audit historical journalctl output for the assertion-failure IoC.
Affected
PackageKit versions 1.0.2 through 1.3.4 (every release between November 2014 and the April 22, 2026 fix). Default Ubuntu Desktop and Server LTS, Debian Trixie 13.4, Rocky Linux 10.1, Fedora 43. Plus any RHEL or CentOS server running Cockpit, which loads PackageKit on demand via D-Bus.
Fix
Update PackageKit to 1.3.5 across the fleet. Verify with 'dpkg -l | grep packagekit' or 'rpm -qa | grep packagekit'. A process-list grep is insufficient because PackageKit is D-Bus-activated. Hunt past exploitation via 'journalctl -u packagekit | grep emitted_finished' for assertion-failure crashes. Where patching is delayed, mask the systemd unit and disable Cockpit.